Lucene search
K

1155 matches found

OSV
OSV
added 2022/03/25 7:15 p.m.24 views

CVE-2022-0322

A flaw was found in the sctpmakestrresetreq function in net/sctp/smmakechunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUGON issue, leading to a denial of service DOS...

5.5CVSS6.4AI score
Exploits0References3
Prion
Prion
added 2022/03/25 7:15 p.m.25 views

Design/Logic Flaw

A flaw was found in the sctpmakestrresetreq function in net/sctp/smmakechunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUGON issue, leading to a denial of service DOS...

2.1CVSS6.5AI score0.00295EPSS
Exploits0References3Affected Software5
UbuntuCve
UbuntuCve
added 2022/03/25 7:15 p.m.78 views

CVE-2022-0322

A flaw was found in the sctpmakestrresetreq function in net/sctp/smmakechunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUGON issue, leading to a denial of service DOS...

5.5CVSS6.7AI score0.00295EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/03/25 6:2 p.m.20 views

CVE-2022-0322

A flaw was found in the sctpmakestrresetreq function in net/sctp/smmakechunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUGON issue, leading to a denial of service DOS...

6.7AI score0.00295EPSS
Exploits0References3
CVE
CVE
added 2022/03/25 6:2 p.m.473 views

CVE-2022-0322

The CVE-2022-0322 entry concerns a flaw in the Linux kernel SCTP implementation. Specifically, in net/sctp/sm_make_chunk.c, the function sctp_make_strreset_req can trigger a BUG_ON when an operation uses more buffer than allocated, enabling local privilege access to cause a denial of service. Con...

5.5CVSS6.2AI score0.00295EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2022/03/25 6:2 p.m.38 views

CVE-2022-0322

A flaw was found in the sctpmakestrresetreq function in net/sctp/smmakechunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUGON issue, leading to a denial of service DOS...

5.5CVSS6.7AI score0.00295EPSS
Exploits0
CNNVD
CNNVD
added 2022/03/23 12:0 a.m.3 views

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a buffer overflow vulnerability that originates from not properly validating data boundaries when net/ipv4/esp4.c and net/ipv6/esp6.c perform...

7.8CVSS8.2AI score0.05524EPSS
Exploits2References50
OSV
OSV
added 2022/03/18 6:15 p.m.4 views

CVE-2020-25178

ISaGRAF Workbench communicates with Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x using TCP/IP. This communication protocol provides various file system operations, as well as the uploading of applications. Data is transferred over this protocol unencrypted, which could allow a remote...

8.8CVSS5.8AI score
Exploits0References4
CNVD
CNVD
added 2022/03/17 12:0 a.m.24 views

Linux kernel denial of service vulnerability (CNVD-2022-21542)

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. Linux kernel is vulnerable to a denial-of-service vulnerability that stems from a memory leak in the ICMPv6 network protocol stack. An attacker could exploit the vulnerability by generating and sending...

9.1CVSS3.2AI score0.04919EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2022/03/11 8:0 a.m.1 views

.A flaw was found in the CAN BCM networking protocol in the Linux kernel where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.

...

7CVSS7AI score0.00431EPSS
Exploits1
Cloud Foundry
Cloud Foundry
added 2022/03/11 12:0 a.m.54 views

USN-5294-2: Linux kernel vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or...

7.8CVSS8AI score0.05918EPSS
Exploits9Affected Software1
Ubuntu
Ubuntu
added 2022/02/22 10:16 a.m.144 views

USN-5299-1: Linux kernel vulnerabilities

Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate attacker could possibly use this issue to inject packets or exfiltrate selected fragments. CVE-2020-26147 It was discovered that the bluetooth...

7.8CVSS8.2AI score0.07604EPSS
Exploits6
Ubuntu
Ubuntu
added 2022/02/22 7:52 a.m.149 views

USN-5294-2: Linux kernel vulnerabilities

It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-22600 Szymon Heidrich discovered that the USB Gadget...

7.8CVSS7.4AI score0.05918EPSS
Exploits9
Ubuntu
Ubuntu
added 2022/02/22 7:14 a.m.257 views

USN-5295-2: Linux kernel vulnerabilities

It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-22600 Jann Horn discovered a race condition in the Un...

7.8CVSS7.3AI score0.05918EPSS
Exploits5
OpenVAS
OpenVAS
added 2022/02/13 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-1062)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6AI score0.0627EPSS
Exploits7References2
Github Security Blog
Github Security Blog
added 2022/02/12 12:0 a.m.20 views

Deserialization of untrusted data in Apache Cayenne

Hessian serialization is a network protocol that supports object-based transmission. Apache Cayenne's optional Remote Object Persistence ROP feature is a web services-based technology that provides object persistence and query functionality to 'remote' applications. In Apache Cayenne 4.1 and...

8.8CVSS4.2AI score0.02197EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/02/12 12:0 a.m.36 views

EulerOS Virtualization 3.0.6.0 : curl (EulerOS-SA-2022-1062)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - curl 7.1.1 to and including 7.75.0 is vulnerable to an 'Exposure of Private Personal Information to an Unauthorized Actor' by leaki...

6.5CVSS6.8AI score0.0627EPSS
Exploits7References8
OSV
OSV
added 2022/02/11 1:15 p.m.18 views

CVE-2022-24289

Hessian serialization is a network protocol that supports object-based transmission. Apache Cayenne's optional Remote Object Persistence ROP feature is a web services-based technology that provides object persistence and query functionality to 'remote' applications. In Apache Cayenne 4.1 and...

8.8CVSS8.9AI score
Exploits0References2
CVE
CVE
added 2022/02/11 12:20 p.m.106 views

CVE-2022-24289

CVE-2022-24289 describes a deserialization vulnerability in the Hessian component of Apache Cayenne’s Remote Object Persistence (ROP) for Cayenne 4.1 and earlier when running on non-current Java patches. An attacker with client access to Cayenne ROP can send a malicious payload to vulnerable thir...

8.8CVSS8.9AI score0.02197EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/02/04 2:15 a.m.11 views

CVE-2021-45998

D-Link device DIR882 DIR882FW1.30B06Hotfix02 was discovered to contain a command injection vulnerability in the LocalIPAddress parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted HNAP1 POST request...

9.8CVSS8.2AI score0.03715EPSS
Exploits0References4
Rows per page
Query Builder